package com.fyj.filter;

import javax.servlet.http.HttpServletRequest;

import com.fyj.FeignClients.LoginFeignClient;
import com.fyj.pojo.ResultCode;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;

import java.util.List;
import java.util.Map;

@Component
public class MyFilter extends ZuulFilter {

    @Autowired
    private LoginFeignClient loginFeignClient;

    private static Logger log = LoggerFactory.getLogger(MyFilter.class);

    @Override
    //控制过滤器是否生效  true为生效
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public Object run() throws ZuulException {
        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletRequest request = ctx.getRequest();
        log.info(String.format("%s >>> %s", request.getMethod(), request.getRequestURL().toString()));
        //获取token
        String accessToken = request.getHeader("Authorization");

        //无token
        if (accessToken == null || "".equals(accessToken)) {
            log.warn("token is empty");
            ctx.setSendZuulResponse(false);
            ctx.setResponseStatusCode(ResultCode.ERROR_NO_TOKEN_CODE);
        } else {
            //请求URL
            String requestURL = request.getRequestURL().toString();
            //请求路由
            String routesPath = requestURL.substring(22, 27);
            //标识当前请求路由
            String auth = "";
            if (routesPath.contains("dba")){
                auth = "DBA";
            }else if (routesPath.contains("admin")){
                auth = "ADMIN";
            }else if (routesPath.contains("bi")){
                auth = "BI";
            }
            //获取当前用户角色
            List<Map> userRolesByToken = loginFeignClient.getUserRolesByToken(accessToken);

            //鉴权
            for (Map role : userRolesByToken) {
                String authority = (String) role.get("authority");
                switch (auth) {
                    //解析token 判断是否有权限
                    case "DBA":
                        if ("ROLE_DBA".equals(authority)) {
                            System.out.println("当前用户为DBA权限，可以访问！");
                            log.info("当前用户为DBA权限，可以访问！");
                            break;
                        }else {
                            log.warn("当前用户无权限！");
                            ctx.setSendZuulResponse(false);
                            ctx.setResponseStatusCode(ResultCode.ERROR_NO_AUTHORIZATION_CODE);
                            break;
                        }
                    case "ADMIN":
                        if ("ROLE_ADMIN".equals(authority)) {
                            System.out.println("当前用户为ADMIN权限，可以访问！");
                            log.info("当前用户为ADMIN权限，可以访问！");
                            break;
                        }else {
                            log.warn("当前用户无权限！");
                            ctx.setSendZuulResponse(false);
                            ctx.setResponseStatusCode(ResultCode.ERROR_NO_AUTHORIZATION_CODE);
                            break;
                        }
                    case "BI":
                        if ("ROLE_BI".equals(authority)) {
                            System.out.println("当前用户为BI权限，可以访问！");
                            log.info("当前用户为DBA权限，可以访问！");
                            break;
                        }else {
                            log.warn("当前用户无权限！");
                            ctx.setSendZuulResponse(false);
                            ctx.setResponseStatusCode(ResultCode.ERROR_NO_AUTHORIZATION_CODE);
                            break;
                        }
                    default:
                        log.warn("当前用户无权限！");
                        ctx.setSendZuulResponse(false);
                        ctx.setResponseStatusCode(ResultCode.ERROR_NO_AUTHORIZATION_CODE);
                        break;
                }
            }
        }
        return null;
    }


    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 0;
    }

}
